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[57] ABSTRACT 

A system for the synchronization of encryption and 
decryption in a duplex cellular radio system in which an 
encrypted call may be switched from one cell to an- 
other. At the instant of handoff, a rapid first resynchro- 
nization means temporarily seizes the voice channel in 
one direction only and transmits synchronization infor- 
mation in such one direction. The first resynchroniza- 
tion means ceases to transmit the synchronization infor- 
mation and releases such one direction of the voice 
channel as soon as an indicator of successful resynchro- 
nization is detected in the other direction. Transmission 
of speech traffic in such one direction is then resumed 
after such detection of successful resynchronization. To 
avoid occupying such one direction with continuous 
transmission of the synchronization information in the 
event successful resynchronization has occurred but has 
not been detected due to faulty transmission in the other 
direction, an upper limit is set on the length of time 
which the first rapid synchronization means may cease 
such one direction. After such timeout, resynchroniza- 
tion information may be provided by a second resyn- 
chronization means at a slower rate through a slow rate 
control channel bit stream which is multiplexed with 
the traffic data. 
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not all. instances of eavesdropping will go undetected 
RESYNCHROMZATION OF ENCRYPHON and, therefore, unpunished and undeterred. The possi- 

SYSTEMS UPON HANDOFF bility that a competitor or a foe may decide to "tune in** 

to one*s seemingly private telephone conversations has 
CROSS REFERENCE TO RELATED 5 heretofore hindered the proUfcration of cellular radio 

APPLICATIONS communication systems and, left unchecked, will con- 

This application contains subject matter related to tinue to threaten the viability of such systems for busi- 
co-pcnding U.S. patent application Ser. No. 556,358. ncsses and government applications, 
entitled "Encryption System For Digiul Cellular Com^ It has recently become clear that the cellular radio 
munication", and also to co-pending U.S. patent appli- telecommunications systems of the future will be imple- 
cation Ser. No. 556.102. entitled "Continuous Cipher mented using digital rather than analog technology. 
Synchronization For Cellular Communication System*', The switch to digital is dictated, primarily, by consider- 
both of which were filed on even date herewith and ations relating to system speed and capacity. A single 
assigned to the assignee of the present invention. Such analog, or voice, radio frequency (RF) channel can 
applications and the disclosures therein are hereby in- accommodate four (4) to six (6) digital, or data. RF 
corporated by reference herein. channels. Thus, by digitizing speech prior to transmis- 

BACKGROUND OF THE INVENTION "'^^^ channel, the channel capacity and. 

BACKOKUUNU iHt iiNVtiNUUiN consequently the overall system capacity, may be in- 

1. Field of the Invention creased dramatically without increasing the bandwidth 
The present invention relates to digital cellular com- 20 ^^^^^ channel. As a corollary, the system is able 

munication systems, and more particularly, to a method to handle a substantially greater number of mobile sta- 

and apparatus for the encryption of data communica- i\qj^^ at a significantly lower cost. 

tions within such a system. Although the switch from analog to digital cellular 

2. History of the Prior Art radio systems ameliorates somewhat the likelihood of 
Cellular radio communications is, perhaps, the fastest 25 y^^^^^^ i„ security of communications between the 

growing field m the worid-wide telecommunications s^a^ion and the mobile station, the risk of electronic 

industry. Although cellular radio communication sys- eavesdropping is far from eliminated. A digital receiver 

tems comprise only a small fraction of the telecommuni- constructed which is capable of decoding the 

cations systems presently m operation, it is widely be- ^.^^^ generating the original speech. The 
hcved that this fraction will steadily increase and will 30 j,^^,^ ware may be more complicated and the undertak- 

represent a major ponion of the entire telecommunica- ^ ^^^^ expensive than in the case of analog transmis- 

tions market m the not too distant future. This belief is . *V , , . .i,5^^,,;um;.,, ^^i^*, ui^uu, J«^c^«oi 

grounded in the inherent limitations of conventional ^^'S"^rfd1ri5^^^^^^^ 

* . . ^ «ot„,-r^,bc «,k;o>, sensitive conversations m a digital cellular radio system 

telephone commumcations networks which rely pn- j„ay be monitored by a third party and potentially used 
man y on wire technology to connect subscnbers 35 uc uiuiuiwi^u wjr o ui^^ ^ « ,j u^v-w 
within the network. A standard household or office the detriment of the system users^Moreover. the very 
telephone, for example, is connected to a wall outlet, or Pp^^^^^^V ^ '^''^ eavesdropping on a tele- 
phone jack, by a telephone cord of a certain maximum P^,?"f conversation automatically precludes the use of 
length Similily. wires connect the telephone outlet cellular telecommunications m certam government ap- 
with a local switching office of the telephone company. 40 plications^ Certain busm«s users may be equally sensi- 
A telephone user's movement is thus restricted not only tive to the possibility of a secunty breech. Thus, to 
by the length of the telephone cord, but also by the render cellular systems as viable alternatives to the 
availability of an operative telephone outlet, i.e. an conventional wireline networks, secunty of communi- 
outlet which has been connected with the local switch- cations must be available on at least some circuits, 
ing office. Indeed, the genesis of cellular radio systems 45 Once a decision has been made to protect the trans- 
can be attributed, in large part, to the desire to over- mission of digital information (data) from unauthorized 
come these restrictions and to afford the telephone user access, the originator (sender) and the intended recipi- 
the freedom to move about or to travel away from his cnt (receiver) of the data must agree on a secret mecha- 
bome or office without sacrificing his ability to commu- nism for enciphering (encrypting) and deciphering (de- 
nicatecffectively with others. In a typical cellular radio 50 crypting) the information. Such an agreement usually 
system, the user, or the user's vehicle, carries a rela- involves a mutual commitment to use a particular en- 
tively small, wireless device which communicates with cryption device which may be widely available, but 
a base station and connects the user to other mobile which can be programmed with a secret key specific to 
stations in the system and to landline parties in the pub- the sender and receiver. The agreement, however, must 
lie switched telephone network (PSTN). 55 also include choices with respect to the encryption 
A significant disadvantage of existing cellular radio technique and the method of synchronization to be used 
communication systems is the ease with which analog by the encryption device. 

radio transmissions may be intercepted. In particular, Several encryption techniques are known and imple- 

some or all of the communications between the mobile mented by prior art encryption devices. In one such 

station and the base station may be monitored, without 60 technique, known as "block substitution", the secret 

authorization, simply by tuning an appropriate elec- key bits are tnixed with blocks of data bits to produce 

tronic receiver to the frequency or frequencies of the blocks of encrypted data. With block substitution, 

communications. Hence, anyone with access to such a blocks of data bits which differ merely by a single bit 

receiver and an interest in eavesdropping can violate produce encrypted data blocks which differ, on the 

the privacy of the communications virtually at will and 65 average, in one half (J) of their bit positions and vise 

with total impunity. While there have been efforts to versa. Similarly, encrypted data blocks differing only in 

make electronic eavesdropping illegal, the clandestine one bit position will produce decrypted data blocks 

nature of such activities generally means that most, if differing, on the average, in one half (J) of their bit 
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positions. This type of encryption/decryption tends to of the transmitter counter value on a sufficiently f re- 
magnify the effects of bit errors which may occur upon quent basis to avoid the accumulation of errors caused 
transmission of the encrypted data and. therefore, is not by the divergence of the receiver counter value from 
an appropriate technique for use in digital radio com- the transmitter counter value for a relatively long per- 
munications. 5 iod of time. 

Another known encryption technique relies on a A continuous synchronization technique which may 

keystream generator and modular arithmetic or finite be used to synchronize a time-of-day encryption system 

math. A plurality of secret key bits and a scries of clock and to prevent the aforementioned accumulation of 

pulses are applied to the keystream generator which errors is disclosed in co-pending U.S. patent application 

generates a stream of pseudo-random bits referred to as 10 Scr. No. 556,102, entitled "Continuous Cipher Synchro- 

■ keystream. The keystream bits are then bit-by-bit nization For Cellular Communication System", and 

modulo-2 added to the data bits prior to transmission by first referenced above. The present invention is directed 

the sender. An identical keystream generator is used by to a method and apparatus for resynchronization of an 

the receiver to produce an identical keystream of bits encryption system upon "handoff* of communications 

which are then bil-by-bit modulo-2 subtracted from the 15 between cells of a duplex cellular radio system, i.e., a 

received encrypted data stream to recover the original cellular radio system in which enciphered digital com- 

dau. Proper implementation of this technique requires munication traffic is simultaneously sent from a base 

that the sender and receiver keystream generators be station to a mobile station and from the mobUe station to 

synchronized so that the keystream generated at the the base station. 

receiver and subtracted from the encrypted data is in 20 Because each of the cells in a cellular radio system 

harmony with the keystream generated at the sender may be relatively small in size, the likelihood of one of 

and added to the original data. the mobile stations travelling out of one cell and into 

An encryption technique which generates a large another cell is great. As the mobile stations travel 

number of complex keystream bits and which may be through the cellular system, they may reach the radio 

implemented in a general purpose Arithmetic and Logic 25 coverage limit of one cell and, therefore, be better 

Unit (ALU) is disclosed in co-pending U.S. patent ap- served by another cell. The process of switching an 

plication Scr. No. 556,358, entitled "Encryption System established call from one cell to another is known as 

For Digital Cellular Communication", first mentioned handofT. The cellular system usually tracks each mobile 

above. The present invention is directed to a related but station and assesses the need for a handoff by period i- 

distinct aspect of an encryption system, generally, the 30 cally measuring the signal strength of the surrounding 

synchronization of the encryption and decryption of base stations. If the measured signal strength of the base 

data transmitted over an RF link and, more specifically, station presently serving the mobile station falls below a 

the synchronization of encryption and decryption upon predetermined level, the cellular system determines the 

handoff in a duplex cellular radio system. availability of other channels in neighboring cells and 

A variety of approaches to the issue of synchroniza- 35 transmits a command to the mobile station, via a high 
tion may be found in prior art encryption systems. In speed data message interrupting the speech communica- 
most encryption systems, synchronization may be tions on the voice channel (a blank and burst data mes- 
viewed as an agreement between the sender and the sage), to retune to a frequency which is available in a 
receiver on the number of clock pulses to be applied new cell. The mobile station mutes the speech and tunes 
from a common initial state until the generation of a 40 to the radio channel indicated in the blank and burst 
particular bit. Other prior art encryption systems, how- data message. Speech transmission is resumed after the 
ever, do not keep a running count of the number of mobile station has tuned to the new channel, 
applied clock pulses and rely, instead, on the initializa- Handoffs between base stations in a cellular radio 
tion of the sender and receiver to the same state at the system may also occur for reasons other than the limila- 
beginning of a frame and the application of an identical 45 tions in the radio coverage of a base station. For exam- 
number of clock pulses thereafter. The shortcoming of pie, handoff may be performed because of excessive 
the latter scheme is the difficulty of reestablishing syn- interference in a channel, traffic congestion at a base 
chronization should the sender and receiver fall out of station or for a variety of other reasons which render 
synchronization during a particular frame. handoff advisable or necessary. It should be noted. 

Yet another type of encryption system includes a 50 moreover, that handoffs may also take place between 

counter which maintains a count of the number of keys- different cellular systems in order to maintain a call as a 

trcam bits, or blocks of keystream bits, previously gen- mobile station passes from the radio coverage area of 

crated. The output bits of the counter are combined one cellular system to another, and possibly unrelated, 

with the secret key bits to generate the keystream. Be- cellular system. 

cause the transmitter and receiver counters are incre- 55 A number of complications are introduced to the 

men ted on a regular basis and, therefore, take on the process of handoff when transmissions in the cellular 

characteristics of a digital time/date clock, such an system are digitized and encrypted. One practical prob- 

encryption system is often referred to as a time-of-day lem arises from the fact that the encryption system 

driven encryption system. counter in one base station may be completely out of 

The advantage of the time-of-day driven encryption 60 synchronization with the corresponding counter in an- 

system resides in the fact that if the receiver counter other base station. This is particularly true with respect 

falls out of synchronization with the transmitter counter to base stations operated by commercially distinct, and 

and the system has the capability of providing the re- often competing, entities. The issue in terms of handoff 

ceivcr with the current transmitter counter value, the is how to ascertain the counter value at the new base 

receiver counter may be immediately reset to the trans- 65 station with a minimum of interruption to the speech 

miticr counter value instead of returning to the begin- stream. It should be noted in this connection that the 

ning and applying the entire history of clock pulses. The base station must be the "master" as far as the count 

difficulty with such a system, however, is the provision value is concerned. Otherwise, if the mobile station was 
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the master, then each base station would be required to from the mobile station to the base stations to crypto- 
maintain a large number of counter values, one for each graphically encode the data stream and with a stream of 
mobile station being served by the base station. Desig- cryptographically encoded data received from the base 
nating the mobile station as the master would thus pre- stations to decode the data into communications infor- 
clude the use of time-shanng and cost-reducing hard- 5 mation. Cryptographically encoded data is transmitted 
ware. It is desirable, instead, to have a single universal on a high data rate message channel from the first base 
counter value in each base station which may be used to station to the mobile station and from the mobile station 
synchronize all of the mobile stations being served by to the first base station. Synchronization information is 
the base station. In sum, upon handoff, the new base periodically transmitted on a low data rate channel 
station must transmit to the mobile station the new 10 from the first base sUtion to the mobile station to main- 
counter value which may then be used, if necessary, to tain the first and second key streams in exact synchroni- 
rcset the counter in the mobile station. nation with one another. A command is sent from the 
Another practical problem m perfonmng handofT of first base station to a second base station and to the 
an encrypted telephone conversation is caused by trans- nj^bile sUtion indicative of a handofT of the mobile 
mission delays in the communications between elements 15 station to a second base station. Uncryptographically 
m the land network, for example, between the base encoded synchronization information is Uansmitted in 
stations and a mobile switching center (MSG) which ^ han^off command on a high data rate 
coordinates the operation of the cellular system. Such ^^^^^^ ^y^^^^ f^^^ ^^^^ ^^ti^n ^he 
delays may prevent the mobUe station from tumng to ^^.^Ue station for a selected period of time. Synchroni- 
the new base station frequency at exactly the same time 20 ^^^^ information U periodically transmitted on a low 
that the new b^e station begins broadcasting the new ^^^^ ^j^^^^, ^^^^ ^^^^^ 
counter value. In particular, the blank and burst data ^^^^^ ^^^^^ ^^^^^ ^^^-^^ ^^^^^ j^^^. 
message commanding the mobile station to tune to a ^^^^ information from the second base station on 

I'nTh^.ldb^e^^^^^^^ ,5 either a high data rate control chamiel or a low bit rate . 

to the old base station and relayed to the mobile station. 25 • «i - j ^ *v- j-*— -.••l * ui- u 

At the same time, the MSG sisals the new base station ^^^"'^^ "P?" ^^^T * 7' ^^^^^sh,s 

to begin broadcasting the new counter value. However. ^ynchromzation between the first pseudorandom key 

the transmission delays in the communications link be- f f^^'^" '^^^^^"^ ^'f^' 

tween the MSG and the old base station are not neces- do-^andom key stream of the mobile station to enable 

sarily the same as the transmission delays in the commu- 30 '^^'^^ !ff'°^'^ cryptographically en- 

nications link between the MSG and the new base sta- ^° the second base station. The transmission 

tion. For example, the former communications link may uncryptographit^ly encoded synchromzation infor- 

not have the same number of signal repeaters as the "^^^^O" « ^^^^1 ^^m said 

latter communications link. Hence, there could be a ^""^ base station to said mobile station is mterrupted 

period of uncertainty from the time the mobile station 35 transmission of cryptographically encoded data 

becomes tuned to the new base station frequency and o" » ^^^^^ message channel is started m 

the time that the new base station begins broadcasting response to cither the receipt by the second base station 

the new counter value. o^ correctly decodable cryptographically encoded data 

One objective of the present invention is to minimize ^^e mobile station or the expiration of said selected 

the interruption of the speech or voice traffic flow upon 40 Period of time. 

handoff by providing a first means for rapidly resyn- 1° another aspect, the invention includes a method 

chronizing a mobile station with a new base station and "^^1 system for resynchronizing the generation of key 

a second means for ensuring resynchronization should stream bits used to cryptographically encode and de- 

the first rapid means fail to achieve resynchronization. co^^e digital communications data transmitted between 

The interruption of speech traffic upon handoff may be 45 *he base stations and the mobile stations of a digital 

further minimized in accordance with the present in- cellular telecommunications system. Synchronization 

vention where the cellular system includes a mechanism information is periodically transmitted on a low data 

for synchronization of the respective base stations. rate channel from said base stations to the mobile sta- 
tions to maintain the key stream in each mobile station 

SUMMARY OF THE INVENTION ^ in exact synchronization with the key stream in the base 

In one aspect the system of the invention includes a station with which it is in communication. Signals indic- 

duplex communication system employing cryptograph- "t^ve of a handofT of a mobile station from a first base 

ically encoded data within a digital cellular telecommu- station to a second base station are responded to by 

nications network in which there is generated in a first interrupting the flow of cryptographically encoded 

and second base station within the network a first pseu- 55 data bits from the second base station to the mobile 

do-random key stream of bits in accordance with an station and instead transmitting synchronization infor- 

aJgorithm. The bits of the first key stream arc combined mation on a high data rate channel to the mobile station 

within the base stations with a stream of data bits carry- for a preselected period of time. Synchronization infor- 

ing communications information to be sent from the mation is continued to be transmitted on a low bit rate 

base stations to a mobile station to cryptographically 60 channel from the second base station to the mobile 

encode the data stream and with a stream of crypto- station. Reception by the second base station of cor- 

graphically encoded data received from the mobile rcctly decodable cryptographically encoded data bits 

station to decode the data into communications infor- from the mobile station, indicating that resynchroniza- 

mation. These is generated in said mobile station a sec- tion has taken place, or the expiration of the preselected 

ond pseudo-random key stream of bits in accordance 65 period of time is responded to by discontinuing trans- 

with the algorithm. The bits of the second key stream mission by the second base station of synchronization 

are combined in the mobile station with a stream of data information on the high bit rate channel and resuming 

bits carrying communications information to be sent transmission of cryptographically encoded message 



05/13/2004, EAST 



Version: 1.4.1 



5,081,679 

7 8 

traffic data bits from the second base station to the connected by communications links, e.g. cables, to each 
mobile station. of the illustrative base stations Bl-BlO and to the fixed 

FRTFFnF<;rRTPTinNnFTMT: nPAWTMr.Q P"^*^^ switching telephone network (PSTN), not 
BRIEF DESCRIPTION OF THE DRAWINGS ^^^^^ ^ ^-^-^^^ ^^^^ ^^^^^^y. ^^^^ .^^^^^^ ^ 

The present invention will be better understood and 5 integrated system digital network GSDN) facility. The 

its numerous objects and advantages will become appar- relevant connections between the mobile switching 

cnt to those skilled in the art by reference to the follow- center MSC and the base stations Bl-B10» or between 

ing drawings in which: the mobile switching center MSC and the PSTN or 

FIG. 1 is a pictorial representation of a cellular radio ISDN, are not completely shown in FIG. 1 but are well 
communications system including a mobile switching 10 known to those of ordinary skill in the art. Similarly, it 
center, a plurality of base stations and a plurality of is also known to include more than one mobile switch- 
mobile stations; ing center in a cellular radio system and to connect each 

FIG. 2 is a schematic block diagram of mobile station additional mobile switching center to a different group 

equipment used in accordance with one embodiment of of base sutions and to other mobile switching centers 

the system of the present invention; 15 via cable or radio links. 

FIG. 3 is a schematic block diagram of base station Each of the cells Cl-ClO is allocated a plurality of 

equipment used in accordance with one embodiment of voice or speech channels and at least one access or 

the system of the present invention; and control channel. The control channel is used to control 

FIG. 4 is a schematic block diagram of a duplex en- or supervise the operation of mobile stations by means 
cryption system constructed in accordance with the 20 of information transmitted to and received from those 
present invention. units. Such information may include incoming call sig- 
DETAILFD DF<?rRlPTinN OF THF Outgoing call signals, page signals, page response 
PRFFFRRFH F^^ registration signals, voice channel as- 
PKEFERRED EMBODIMENT signments, maintenance instructions and "handofT' in- 
Referring first to FIG. 1, there is illustrated therein a 25 structions as a mobile station travels out of the radio 
conventional ccllular radio communications system of a coverage of one cell and into the radio coverage of 
type to which the present invention generally pertains. another cell. The control or voice channels may operate 
In FIG. 1. an arbitrary geographic area may be seen cither in an analog or a digital mode or a combination 
divided into a plurality of contiguous radio coverage thereof. In the digital mode, analog messages, such as 
areas, or cells, Cl-ClO. While the system of FIG. 1 is 30 voice or control signals, are converted to digital signal 
shown to include only 10 cells, it should be clearly representations prior to transmission over the RF chan- 
understood that, in practice, the number of cells may be nel. Purely data messages, such as those generated by 
much larger. computers or by digitized voice devices, may be format - 

Associated with and located within each of the cells ted and transmitted directly over a digital, channel. 
Cl-ClO is a base station designated as a corresponding 35 In a cellular radio system using time division multi- 
one of a plurality of base stations Bl-B 10. Each of the plexing (TDM), a plurality of digital channels may 
base stations Bl-BlO includes a transmitter, a receiver share a common RF channel. The RF channel is di- 
and controller as is well known in the art. In FIG. 1, the vidcd into a series of "lime slots'*, each containing a 
base stations Bl-BlO are located at the center of the burst of information from a different data source and 
cells Cl-ClO. respectively, and are equipped with om- 40 separated by guard time from one another, and the time 
ni-directional antennas. However, in other configura- slots are grouped into "frames" as is well known in the 
tions of the cellular radio system, the base stations art. The number of time slots i>er frame varies depend- 
Bl-BlO may be located near the periphery, or other- ing on the bandwidth of the digital channels sought to 
wise away from the centers of the cells Cl-ClO and be accommodated by the RF channel. The frame may, 
may illuminate the cells Cl-ClO with radio signals ei- 45 for example, consist of three (3) time slots, each of 
ther omni-directionally or directionally. Therefore, the which is allocated to a digital channel. Thus, the RF 
representation of the cellular radio system of FIG. 1 is channel will accommodate three digital channels. In 
for purposes of illustration only and is not intended as a one embodiment of the present invention discussed 
limitation on the possible implementations of the cellu- herein, a frame is designated to comprise three time 
lar radio system. 50 slots. However, the teachings of the present invention 

With continuing reference to FIG. 1, a plurality of should be clearly understood to be equally applicable to 

mobile stations Ml-MlO may be found within the pells a cellular radio system utilizing any number of time slots 

Cl-ClO. Again, only ten mobile stations are shown in per frame. 

FIG. 1 but it should be understood that the actual num- Referring next to FIG. 2, there is shown therein a 

ber of mobile stations may be much larger in practice 55 schematic block diagram of the mobile station equip- 

and will invariably exceed the number of base stations. ment which are used in accordance with one embodi- 

Moreover, while none of the mobile stations Ml-MlO ment of the present invention. The equipment illus- 

may be found in some of the cells Cl-ClO, the presence trated in FIG. 2 may be used for communication over 

or absence of the mobile stations Ml-M 10 in any partic- digital channels. A voice signal detected by a micro- 

ular one of the cells Cl-ClO should be understood to 60 phone 100 and destined for transmission by the mobile 

depend, in practice, on the individual desires of each of station is provided as input to a speech coder 101 which 

the mobile sutions Ml-M 10 who may roam from one converts the analog voice signal into a digital data bit 

location in a cell to another or from one cell to an adja- stream. The data bit stream is then divided into data 

cent or neighboring cell. packets or messages in accordance with the time divi- 

Each of the mobile stations Ml-MlO is capable of 65 sion multiple access (TDM A) technique of digital com- 

initialing or receiving a telephone call through one or munications. A fast associated control channel 

more of the base stations Bl-BlO and a mobile switch- (FACCH) generator 102 exchanges control or supervi- 

ing center MSC. The mobile switching center MSC is sor>' messages with a base station in the cellular radio 
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system. The conventional FACCH generator operates 
in a "blank and burst" fashion whereby a user frame of 
data is muted and the control message generated by the 
FACCH generator 102 is transmitted instead at a fast 
rate. 5 

In contrast to the blank and burst operation of the 
FACCH generator 102, a slow associated control chan- 
nel (SACCH) generator 103 continuously exchanges 
control messages with the base station. The output of 
the SACCH generator is assigned a fixed length byte, 10 
e.g. 12 bits, and included as a part of each time slot in 
the message train (frames). Channel coders 104. 105, 106 
are connected to the speech coder 101, FACCH genera- 
tor 102 and SACCH generator 103, respectively. Each 
of the channel coders 104, 105, 106 performs error de- 15 
tection and recovery by manipulating incoming data 
using the techniques of convolutional encoding, which 
protects important data bits in the speech code, and 
cyclic redundancy check (CRC), wherein the most 
significant bits in the speech coder frame, e.g., 12 bits, 20 
are used for computing a 7 bit error check. 

Referring again to FIG. 2, the channel coders 104, 
105 are connected to a multiplexer 107 which is used for 
time division multiplexing of the digitized voice mes- 
sages with the FACCH supervisory messages. The 25 
output of the multiplexer 107 is coupled to a 2-burst 
interlevcr 108 which divides each data message to be 
transmitted by the mobile station (for example, a mes- 
sage containing 260 bits) into two equal but separate 
parts (each part containing 130 bits) arranged in two 30 
consecutive time slots. In this manner, the deteriorative 
effects ofRayleigh fading may be significantly reduced. 
The output of the 2-burst interleaver 108 is provided as 
input to a modulo-2 adder 109 where the data to be . 
transmitted is ciphered on a bit-by-bit basis by logical 35 
modulo-2 addition with a pseudo-random keystream 
which may be generated in accordance with the system 
described in the co-pending U.S. patent application 
entitled "Encryption System for Digital Cellular Com- 
munications**, referred to above. 40 

The output of the channel coder 106 is provided as 
input to a 22-burst interleaver 110. The 22-burst inter- 
leaver 110 divides the SACCH data into 22 consecutive 
time slots, each occupied by a byte consisting of 12 bits 
of control information. The interleaved SACCH data 45 
forms one of the inputs to a burst generator 111. An- 
other input to the burst generator 111 is provided by the 
output of the modulo-2 adder 109. The burst generator 
111 produces "message bursts** of data, each consisting 
of a time slot identifier (TI), a digital verification color 50 
code (DVCC), control or supervisory information and 
the data to be transmitted, as funher explained below. 

Transmitted in each of the time slots in a frame is a 
time slot identifier (TI), which is used for time slot 
identification and receiver synchronization, and a digi- 55 
tal verification color code (DVCC), which ensures that 
the proper RF channel is being decoded. In the exem- 
plary frame of the present invention, a set of three dif- 
ferent 28-bit TIs is defined, one for each time slot while 
an identical 8-bit DVCC is transmitted in each of the 60 
three time slots. The TI and DVCC are provided in the 
mobile station by a sync word/DVCC generator 112 
connected to the burst generator 111 as shown in FIG. 
2. The burst generator 111 combines the outputs of the 
modulo-2 adder 109, the 22-burst interleaver 110 and 65 
the sync word/DVCC generator 112 to produce a se- 
ries of message bursts, each comprised of data (260 bits), 
SACCH information (12 bits), TI (28 bits), coded 



DVCC (12 bits) and 12 delimiter bits for a total of 324 
bits which may be integrated according to the time slot 
format specified by the ElA/TIA IS-54 standard. 

Each of the message bursts is transmitted in one of the 
three time slots included in a frame as discussed herein- 
above. The burst generator 111 is connected to an 
equalizer 113 which provides the timing needed to syn- 
chronize the transmission of one time slot with the 
transmission of the other two time slots. The equalizer 
113 detects timing signals sent from the base station 
(master) to the mobile station (slave) and synchronizes 
the burst generator 111 accordingly. The equalizer 113 
may also be used for checking the values of the TI and 
the DVCC. The burst generator 111 is also connected 
to a 20 ms frame counter 114 which is used to update a 
ciphering code that is applied by the mobile station 
every 20 ms, i.e., once for every transmitted frame. The 
ciphering code is generated by a ciphering unit 115 with 
the use of a mathematical algorithm and under the con- 
trol of a key 116 which is unique to each mobile station. 
The algorithm may be used to generate a pseudo-ran- 
dom keystream in accordance with the system de- 
scribed in the co-ending U.S. patent application entitled 
"Encryption System for Digital Cellular Communica- 
tions**. 

The message bursts produced by the burst generator 
110 are provided as input to an RF modulator 117. The 
RF modulator 117 is used for modulating a carrier fre- 
quency according to the ir/4-DQPSK technique {tt/A 
shifted, differentially encoded quadrature phase shift 
key). The use of this technique implies that the informa- 
tion to be transmitted by the mobile station is differen- 
tially encoded, i.e., two bit symbols are transmitted as 4 
possible changes in phase: -(- or — 7r/4 and + or 
— 37r/3. The carrier frequency for the selected transmit- 
ting channel is supplied to the RF modulator 117 by a 
transmitting frequency synthesizer 118. The burst mod- 
ulated carrier signal output of the RF modulator 117 is 
amplified by a power amplifier 119 and then transmitted 
to the base station through an antenna 120. 

The mobile station receives burst modulated signals 
from the base station through an antenna 121 connected 
to a receiver 122. A receiver carrier frequency for the 
selected receiving channel is generated by a receiving 
frequency synthesizer 123 and supplied to a an RF de- 
modulator 124. The RF demodulator 124 is used to 
demodulate the received carrier signal into an interme- 
diate frequency signal. The intermediate frequency 
signal is then demodulated further by an IF demodula- 
tor 125 which recovers the original digital information 
as it existed prior to 7r/4-DQPSK modulation. The 
digital information is then passed through the equalizer 
113 to a symbol detector 126 which converts the two- 
bit symbol format of the digital data provided by the 
equalizer 114 to a single bit data stream. 

The symbol detector 126 produces two distinct out- 
puts: a first output, comprised of digitized speech data 
and FACCH data, and a second output, comprised of 
SACCH data. The first output is supplied to a modulo-2 
adder 127 which is connected to a 2-burst deinterleaver 
128. The modulo-2 adder 127 is connected to the cipher- 
ing unit 115 and is used to decipher the encrypted trans- 
mitted data by subtracting on a bit-by-bit basis the same 
pseudo-random keystream used by the transmitter in the 
base station to encrypt the data. The modulo-2 adder 
127 and the 2-bur5t deinterleaver 128 reconstruct the 
speech/FACCH data by assembling and rearranging 
information derived from two consecutive frames of the 
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digital data. The 2-burst dcinterleavcr 12S is coupled to vide an output to the microprocessor 134'. Other difTer- 

two channel decoders 129, 130 which decode the con- cnces in equipment between the mobile station the base 

volutionally encoded speech/FACCH data using the station may exist which are well known in the art. 

reverse process of coding and check the cyclic redun* The discussion thus far has focused on the operational 

dancy check (CRC) bits to determine if any error has 5 environment of the system of the present invention. A 

occurred. The channel decoders 129, 130 detect distinc- specific description of a particular embodiment of the 

tions between the speech data on the one hand, and any present invention follows. As disclosed above and used 

FACCH data on the other, and route the speech data hereinafter, the term "keystrcam" means a pseudo-ran- 

and the FACCH data to a speech decoder 131 and an dom sequence of binary bits or blocks of bits used to 

FACCH detector 132, respectively. The speech de- 10 encipher a digitally encoded message or data signal 

coder 131 processes the speech data supplied by the prior to transmission or storage in a medium which is 

channel decoder 129 in accordance with a speech coder susceptible to unauthorized access, e.g., an RF channel, 

algorithm, c.g. VSELP, and generates an analog signal A "keystream generator" means a device which gener- 

Tcprcscntativc of the speech signal transmitted by the ates a keystream by processing a secret key comprised 

base station and received by the mobile station. A filter- 15 of a plurality of bits. Encryption may be simply per- 

ing technique may then be used to enhance the quality formed by a modulo-2 addition of the keystream to the 

of the analog signal prior to broadcast by a speaker 133. data to be encrypted. Similarly, decryption may be 

Any FACCH messages detected by the FACCH detec- performed by a modulo-2 subtraction of an identical 

tor 132 are forwarded to a microprocessor 134, copy of the keystream from the encrypted data. In the 

The second output of the symbol detector 126 20 description which follows, the words "encryption", 

(SACCH data) is supplied to a 22-burst dcinterleaver "cryptographically encode", **encipher" and "scram- 

135. The 22-burst interleaver 135 reassembles and rear- ble" and their derivatives are used interchangeably, 
ranges the SACCH data which is spread over 22 con- Generally speaking, the keystream generator pro- 
secutive frames. The output of the 22-burst deinter- vides a mechanism, represented by elements 115 and 
leaver 135 is provided as input to a channel decoder 25 115' of FIGS. 2 and 3, respectively, for expanding a 

136. SACCH messages are delected by an SACCH relatively small number of secret bits, i.e., the secret 
detector 137 and the control information is transferred key, represented by elements 116 and 116', into a much 
to the microprocessor 134. larger number of keystream bits which are then used to 

The microprocessor 134 controls the activities of the encrypt data messages prior to transmission (or stor- 

mobile station and communications between the mobile 30 age). To decrypt an encoded message, the receiver must 

station and the base station. Decisions are made by the "know" the index to the keystream bits used to encrypt 

microprocessor 134 in accordance with messages re- the message. In other words, the receiver must not only 

ceived from the base station and measurements per- have the same keystream generator and generate the 

formed by the mobile station. The microprocessor 134 same keystream bits as the transmitter, but also, the 

is also provided with a terminal keyboard input and 35 receiver keystream generator must be operated in syn- 

display output unit 138. The keyboard and display unit chronism with the transmitter keystream generator if 

138 allows the mobile station user to exchange informa- the message is to be properly decoded. Synchronization 

tion with the base station. is normally achieved by continuously transmitting from 

Referring next to FIG. 3, there is shown a schematic the encoding system to the decoding system the con- 
block diagram of the base station equipment which are 40 tents of every internal memory device, such as bit, 
used in accordance with the present invention. A com- block or message counters, which participate in the 
parison of the mobile station equipment shown in FIG. generation of the keystream bits. Synchronization may 
2 with the base station equipment shown in FIG. 3 be simplified, however, by using arithmetic bit block 
demonstrates that much of the equipment used by the counters, such as binary counters, and incrementing 
mobile station and the base station are substantially 45 those counters by a certain amount each time a new 
identical in construction and function. Such identical block of keystream bits is produced. Such counters may 
equipment are, for the sake of convenience and consis- form a part of a real-time, i.e. hours, minutes and sec- 
Icncy, designated with the same reference numerals in onds, clock chain. A keystream generator relying on the 
FIG. 3 as those used in connection with FIG. 2, but are latter type of counters is known as the "time-of-day" 
differentiated by the addition of a prime O in FIG. 3. 50 driven keystream generator to which reference was 

There arc, however, some minor differences between made hereinabove, 
the mobile station and the base station equipment. For In general, the present invention uses a duplex cipher 
instance, the base station has, not just one but, two keystream generator so that synchronization in either 
receiving antennas 121'. Associated with each of the the direction of base station to mobile station or the 
receiving antennas 121* are a receiver 122', an RF de- 55 direction of mobile station to base station also estab- 
modulator 124', and an IF demodulator 125'. Further- lishes synchronization in the other direction. At the 
more, the base station includes a programmable fre- instant of handofT, a rapid first resynchronization means 
quency combiner 118 A' which is connected to a trans- temporarily seizes the voice channel in one direction 
milting frequency synthesizer 118'. The frequency com- only, e.g., base station to mobile station, and transmits 
biner 118A' and the transmitting frequency synthesizer 60 synchronization information, e.g., the new base station 
118' carry out the selection of the RF channels to be counter value, in such one direction. The first resyn- 
used by the base station according to the applicable chronization means ceases to transmit the synchroniza- 
cellular frequency reuse plan. The base station, how- tion information and releases such one direction of the 
ever, does not include a user keyboard and display unit voice channel as soon as an indicator of successful re- 
similar to the user keyboard and display unit 138 present 65 synchronization is detected in the other direction, e.g. 
in the mobile station. It does however include a signal receipt of correctly encrypted speech from the mobile 
level meter 100' connected to measure the signal re- station. Transmission of speech traffic in such one direc- 
ccived from each of the two receivers 122' and to pro- tion is then resumed after such detection of successful 
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resynchronization. To avoid occupying such one direc- tion with FIG. 4 their operation and function has al- 
tion with continuous transmission of the synchroniza- ready been discussed above. 

tion information in the event successful resynchroniza- During handofT of a mobile station from an old base 
tion has occurred but has not been detected due to station to a new base station^ the old base station sends 
faulty transmission in the other direction^ an upper limit S a handofT command to the mobile station as discussed 
is set on the length of time which the first rapid syn- hereinbefore. The handofT command includes certain 
chronization means may cease such one direction. Such identification information, such as the relevant fre- 
length of time (timeout) is sufficient, in the face of net- quency or time slot number, which may be used by the 
work delay uncertainties, to ensure that the mobile -mobile station to recognize and tune to the new base 
station has tuned to the new base station long enough to 10 station. Upon receipt of the handoff command, the mo- 
receive at least one transmission of synchronization bile station will tune to the new base station frequency 
information. After timeout, resynchronization informa- or time slot. In some prior art systems, the mobile sta- 
tion may be provided by a second resynchronization tion will also immediately begin transmitting over the 
means at a slower rate through a slow associated con- new base station frequency or time slot, thereby sever- 
trol channel (SACCH) bit stream which is multiplexed IS ing all contact with the old base station. Is any event, at 
with the traffic data. the conclusion of handoff, the mobile station is ready to 

Referring now to FIG. 4, there is shown therein a receive transmissions from the new base station and to 
schematic block diagram of a duplex encryption system transmit on the new base station frequency. Similarly, 
constructed in accordance with the present invention. die new base station is ready to transmit to, and to re- 
The encryption system shown in FIG. 4 is used for the 20 ceive transmissions from, the mobile station, 
encryption and decryption of speech traffic in both If the cellular system does not include a synchroniza- 
directions of a voice channel, i.e., the direction of base tion mechanism which ensures that the keystream gen- 
station to mobile station and the direction of mobile erators of the new and old base stations are in synchro- 
station to base station. Keystream generators 201, 202 nization, for example, that the value of the new base 
produce a number 2N of pseudo-random output bits 25 station block counter is the same as the value of the old 
(keystream) at the mobile station and base station, re- base station block counter, the keystream generator at 
spectively. The pseudo-random bits are a function of a the mobile station will be out of synchronization with 
plurality of fixed bits and a plurality of variable bits the keystream generator at the new base station foUow- 
which change after the production of each block of 2N ing handoff. To restore synchronization in such instance 
bits. The fixed bits may include, for example, the bits of 30 and in accordance with the present invention, the new 
a secret key 215. The variable bits may include the state base station will transmit synchronization information, 
values of block counters 207, 208, but may, more gener- for example, the current value of the block counter in 
ally, include the state values of some or all of the flip- the new base station, to the mobile station over a high 
flops or internal memory devices associated with the data rate control channel, such as the fast associated 
keystream generators 201, 202 respectively. At one end 35 control channel (FACCH), in the blank and burst fash- 
of the communications link, e.g., the base station, the ion previously discussed in connection with FIGS. 2-3. 
first N pseudo-random bits in the block of 2N bits is The synchronization information is transmitted unenci- 
used for encryption while the second N pseudo-random phered so that it may be understood and acted upon by 
bits is used for decryption. At the other end, e.g., the the mobile station even in the absence of cipher syn- 
mobile station, the use is reversed, i.e., the first N bits (1 40 chronization. Additionally^ the new base station simul- 
to N) are used for decryption and the second N bits taneously transmits the same synchronization informa- 
(N + 1 to 2N) are used for encryption, tion on a low data rate control channel, such as the 

Encryption and decryption may be performed by slower sub-multiplexed SACCH also discussed in con- 
bitwise moduIo-2 addition of the keystream bits to a nection with FIGS. 2-3. The mobile station scans the 
sequence of message or FACCH bits in moduIo-2 ad- 45 FACCH and the SACCH for transmissions of the syn- 
ders 203, 206, respectively, at one end of the communi- chronization information and, upon detecting either, 
cations link and modulo-2 adders 205, 204, respectively, uses the synchronization information to resynchronize 
at the other end. Each of the moduIo-2 adders 203, 204, the mobile station keystream generator, for example, to 
205, 206 may be constructed from a plurality of Exclu- update the value of the mobile station block counter, 
sive OR (XOR) gates. Since modulo-2 addition and 50 The mobile station may thereafter transmit correctly 
modulo-2 subtraction are identical operations, the sec- enciphered message and/or FACCH traffic to the new 
end addition at the receiver of the same keystream used base station over a high data rate message channel, 
for encryption at the transmitter recovers the original Upon detecting the reception of correctly enciphered 
message or FACCH bits. Such bit-by-bit encryption/- traffic from the mobile station, the base station ceases 
decryption technique exhibits increased tolerance for 55 transmission of the unencrypted synchronization infor- 
radio transmission errors in that an erroneously re- mation over the FACCH and begins transmission of 
ceived bit results in only one bit error after decryption. encrypted message or FACCH traffic to the mobile 
The particular encryption/decryption technique, how- station which is now able to decrypt such traffic. Thus, 
ever, is not integral to the operation of the present in- the duplex conwnunications link between the base sta- 
vention and the keystream bits may equally be used, for 60 tion and the mobile station is reestablished, 
example, to control the order in which the message or Should the detection of correctly enciphered traffic 
FACCH bits are included in the transmitted signal, i.e., from the mobile station to the base station be delayed 
transposition. Similarly, a combination of the modulo-2 for any reason, for example, because of interference 
addition and the transposition techniques may be used which is present only in the reverse channel, i.e., in the 
without departing from the teachings of the present 65 direction ofmobile station to base station, it is not desir- 
invention. It will be noted that numerous ones of the able that the forward channel, i.e., base station to mobile 
components shown in FIG. 4 are similarly shown in station, continue to transmit synchronization informa- 
FIGS. 1-3 and, even though not discussed in connec- tion over the FACCH indefmitely since the blank and 
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burst FACCH transmission format mutes the speech 
and disrupts trafTic flow in both directions. Conse- 
quently, after a certain number of FACCH transmis- 
sions of the synchronization information (the timeout 
period), the base station, in accordance with the present 3 
invention, ceases further FACCH transmission of the 
synchronization information and resumes transmission 
of encrypted message or FACCH traffic. Beyond the 
desire to minimize interruption of the speech traffic, 
there arc other reasons which support the latter ap- 
proach. First, because of potential delays in the direc- 
tion mobile station to new base station, the possibility 
cxiste that the synchronization information has been 
received by the mobile station over the FACCH but 
that properly encrypted transmissions from the mobile 
station have been delayed. Second, even if the FACCH 
transmission of the synchronization information fails, 
resynchronization of the mobile station may neverthe- 
less be achieved with the SACCH transmissions of the 
same synchronization information. 

It will be appreciated that the length of the timeout is 
a network parameter which may be selectively changed 
to fit individual circumstances. In the extreme case 
where the cellular system includes a synchronization 
mechanism that ensures global synchronization of all 
the base stations, transmission of synchronization infor- 
mation over the FACCH is not necessary, i.e., the time- 
out length will be zero and traffic interruption will be 
kept to an absolute minimum. 

In the general case where the base stations are not 
synchronized with one another, it may occur that, upon 
handofr and resynchronization in accordance with the 
present invention, the keystream generator at the mo- 
bile station is reset, for example, the mobile station 33 
block counter is reset, to a previous state. To prevent 
replication of a previously used keystream pattern, a 
handoff counter may be included in each of the base 
station and the mobile station. The handoff counter is 
initialized at call set up and incremented with each 4^ 
handoff. The output of the handoff counter is provided 
as input to the keystream generator in such a way that 
the output bit sequence produced is totally different for 
each different counter value. 

The foregoing description shows only certain partic- 45 
ular embodiments of the present invention. However, 
those skilled in the art will recognize that many modifi- 
cations and variations may be made without departing 
substantially from the spirit and scope of the present 
invention. Accordingly, it should be clearly understood 50 
that the form of the invention described herein is exem- 
plary only and is not intended as a limitation on the 
scope of the invention as defined in the following 
claims. 

What is claimed is: 55 
1. In a duplex communication system employing 
cryptographically encoded data within a digital cellular 
telecommunications network, a method which com- 
prises: 

generating in a first base station within said network 60 
a first pseudo-random key stream of bits in accor- 
dance with an algorithm; 

combining in said first base station bits of said first 
key stream with a stream of data bits carrying com- 
munications information to be sent from said first 65 
base station to a mobile station to cryptographi- 
cally encode said data stream and with a stream of 
cryptographically encoded data received from said 



mobile station to decode said data into communica- 
tions information; 
generating in said mobile station a second pseudo-ran- 
dom key stream of bits in accordance with said 
algorithm; 

combining in said mobile station bits of said second 
key stream with a stream of data bits carrying com- 
munications information to be sent from said mo- 
bile station to said first base station to cryptograph- 
ically encode said data stream and with a stream of 
cryptographically encoded data received from said 
first base station to decode said data into communi- 
cations information; 

transmitting cryptographically encoded data on a 
high data rate message channel from said first base 
sution to said mobile station and from said mobile 
station to said first base station; 

periodically transmitting synchronization informa- 
tion on a low data rate control channel from said 
first base station to said mobile station to synchro- 
nize said first and second key streams with one 
another; 

sending a command from said first base station to said 
mobile station indicative of a handoff of said mobile 
station to a second base station; 

generating in said second base station a third pseudo- 
random key stream of bits in accordance with said 
algorithm; 

transmitting for a selected period of time in response 
to said handoff command uncryptographically 
encoded synchronization information on a high 
data rate control channel from said second base 
station to said mobile station to synchronize said 
. second and third key streams with one another; 

periodically transmitting synchronization informa- 
tion on a tow data rate control channel from said 
second base station to said mobile station to syn- 
chronize said second and third key streams with 
one another; 

searching within said mobile station for synchroniza- 
tion information from said second base station on 
either said high data rate control channel or said 
low data rate control channel and, upon the detec- 
tion of either, synchronizing said second pseudo- 
random key stream of said mobile station with said 
third pseudo-random keystream of said second base 
station; 

interrupting the transmission of uncryptographically 
encoded synchronization information on said high 
data rate control channel from said second base 
station to said mobile station and beginning the 
transmission of cryptographically encoded data on 
a high data rate message channel in response to 
cither the receipt by said second base station of 
correctly decodable cryptographically encoded 
data from said mobile station or the expiration of 
said selected period of time, 

2. In a duplex communication system employing 
cryptographically encoded data within a digital cellular 
telecommimications network, the method set forth in 
claim 1 wherein: 

said high data rate control channel is the fast associ- 
ated control channel and said low data rate control 
channel is the slow associated control channel. 

3. In a duplex communication system employing 
cryptographically encoded data within a digiul cellular 
telecommunications network, the method set forth in 
claim 1 wherein: 
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said preselected period of time is defined by a prese* 
lected number of transmissions of uncryptograph- 
ically encoded synchronization information on said 
high data rate control channel 

4. In a duplex communication system employing 5 
cryptographically encoded data within a digital cellular 
teleconmiunications network, the method set forth in 
claim 1 which also includes: 

interrupting the transmission of uncryptographically 
encoded synchronization information on said high 10 
data rate control channel from said second base 
station to said mobile station and beginning the 
transmission of cryptographically encoded data on 
said high data rate message channel when said first 
and third pseudo-random key streams in said first IS 
and second base stations, respectively, are synchro- 
nized with one another. 

5. In a duplex communication system employing 
cryptographically encoded data within a digital cellular 
telecommunications network, the method set forth in 20 
claim 1 wherein: 

each of said steps of generating one of said first, sec- 
ond and third pseudo-random key streams in accor- 
dance with said algorithm includes maintaining a 
value stored within a handoff counter, generating 25 
said one of said pseudo-random key streams as a 
function of the value stored in said counter, initial- 
izing the value stored in said counter upon call set 
up to said mobile station and incrementing the 
value stored in said counter each time the mobile 30 
station is handed off to a new base station during a 
call. 

6. In a duplex communication system employing 
cryptographically encoded data within a digital cellular 
teleconmiunications network, the method set forth in 35 
claim 1 in which: 

each of said steps of p>eriodically transmitting syn- 
chronization information on said low data rate 
control channel from one of said first and second 
base stations to said mobile station includes inter- 40 
spersing said information with said transmissions of 
cryptographically encoded data thereto. 

7. In a duplex communication system employing 
cryptographically encoded data within a digital cellular 
telecommunications network, the method set forth in 45 
claim 1 in which: 

each of said steps of generating one of said first, sec- 
ond and third pseudo-random keystreams in accor- 
dance with said algorithm includes storing a multi- 
bit digital value within a register and generating SO 
said one of said key streams as a function of the 
value stored within said register; and 

each of said steps of periodically transmitting syn- 
chronization information from one of said first and 
second base stations to said mobile station includes 55 
transmitting the value stored within the register of 
said one of said base stations to said mobile station 
for comparison with the value stored within the 
register of said mobile station to determine if key 
streams generated in said one of said base stations 60 
and said mobile station are in synchronism with one 
another. 

8. In a duplot communication system employing 
cryptographically encoded data within a digital cellular 
telecommunications network, the method set forth in 65 
claim 1 in which: 

the bits of said first, second and third pseudo-random 
key streams are combined with said streams of data 
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bits carrying information to alter the order thereof 
and with said streams of cryptographically en- 
coded data to restore the original order thereof 

9. In a dulex communication system employing cryp- 
tographically encoded data within a digital cellular 
telecommunications nework, the method set forth in 
claim 1 in which: 

the bits of said first, second and third pseudo-random 
key streams are combined with said streams of data 
bits carrying information by modulo-2 addition and 
with said streams of cryptographically encoded 
data by modulo-2 subtraction. 

10. A duplex communication system employing cryp- 
tographically encoded data within a digital cellular 
telecommunications network, comprising: 

means for generating in a first base station within said 
network a first pseudo-random key stream of bits in 
accordance with an alogrithm; 

means for combining in said first base station bits of 
said first key stream with a stream of data bits car- 
rying communications information to be sent from 
said first base station to a mobile station to crypto- 
graphically encode said data stream and with a 
stream of cryptographically encoded data received 
from said mobile station to decode said data into ' 
communications information; 

means for generating in said mobile station a second 
pseudo-random key stream of bits in accordance 
with said algorithm; 

means for combining in said mobile station bits of said 
second key stream with a stream of data bits carry- 
ing communications information to be sent from 
said mobile station to said first base station to cryp- 
tographically encode said data stream and with a 
stream of cryptographically encoded data received 
from first base station to decode said data into 
conmiunications information; 

means for transmitting cryptographically encoded 
data on a high data rate message channel from said 
first base station to said mobile station and from 
said mobile station to said first base station; 

means for periodically transmitting synchronization 
information on a low data rate control channel 
from said first base station to said mobile station to 
synchronize said first and second key streams with 
one another; 

means for sending a command from said first base 
station to a second base station and to said mobile 
station indicative of a handoff of said mobile station 
to said second base station; 

means for generating in said second base station a 
third pseudo-random key stream of bits in accor- 
dance with said alogorithm; 

means for transmitting for a selected period of time in 
response to said handoff command uncryptograph- 
ically encoded synchronization information on a 
high data control channel from said second base 
station to said mobile station to synchronize said 
second and third key streams with one another; 

means for periodically transmitting synchronization 
information on a low data control channel from 
said second base station to said mobile station to 
synchronize said second and third key streams with 
one another; 

means for searching within said mobile station for 
synchronization information from said second base 
station on either said high data rate control channel 
or said low data rate control channel and, upon the 
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detection of cither, synchronizing said second 
ps«udo-random key stream of said mobile station 
with said third pseudo-random keystream of said 
second base station; 
means for interrupting the transmission of uncrypto- 5 
graphically encoded synchronization information 
on said high data rate control channel from said 
second base station to said mobile station and be- 
ginning the transmission of cryplographically en- 
coded data on a high data rate message channel in ^0 
response to either the receipt by said second base 
station of correctly decodable crytographically 
encoded data from said mobile station or the expi- 
ration of said selected period of time. 

11. A duplex communication system employing 
crytographically encoded data within a digital cellular 
telecommunications network, as set forth in claim 10 
wherein: 

said high data rate control channel is the fast associ- 
ated control channel. 

12. A duplex communcations system employing cryp- 
tographicaily encoded data within a digital cellular 
telecommunications network, as set forth in claim 11 
wherein: 

said low data rate control channel is the slow associ- 
ated control channel. 

13. A duplex communication system employing 
crytographically encoded data within a digital cellular 
telecommunications network, as set forth in claim 10 
wherein: 

said preselected period of time is defined by a prese- 
lected number of transmissions of uncryptograph- 
ically encoded synchronization information on said 
high data rate control channel. 35 

14. A duplex communication system employing cryp- 
tographicaily encoded data within a digital cellular 
telecommunications network, as set forth in claim 10 
which also includes: 

means for interrupting the transmission of uncrypto- 4^ 
graphically encoded synchronization information 
on said high data rate control channel from said 
second base station to said mobile station and be- 
gining the transission of cryptographically enoded 
data on said high data rate message channel in 45 
response to the synchronization of said first and 
third pseudo-random key streams in said first and 
second base stations, respectively. 

15. A duplex communication system employing cryp- 
tographically encoded data within a digital cellular 50 
telecommunications network, as set forth in claim 10 
wherein: 

each of said means for generating one of said first, 
second and third pseudo-random key streams in 
accordance with said alogorithm includes means 55 
for maintaining a value stored within a handoff 
counter, means for generating said one of said pseu- 
do-random key streams as a function of the value 
stored in said counter, means for initalizing the 
value stored in said counter upon call set up to said 60 
mobile station and means for incrementing the 
value stored in said counter each time the mobile 
station is handed off to a new base station during a 
call 

16. A duplex communication system employing cryp* 65 
tographicaily encoded data within a digital cellular 
telecommunications network, as set forth in claim 10 in 
which: 
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each of said means for periodically transmitting syn- 
chronization information on said low data rate 
control channel from one of said first and second 
base stations to said mobile station includes means 
for interspersing said information with said trans- 
missions of cryptographically encoded data 
thereto. 

17. A duplex communication system employing cryp- 
tographically encoded data within a digital cellular 
telecommunications network, as set forth in claim 10 in 
which: 

each of said means for generating one of said first, 
second and third pseudo-random keystreams in 
accordance with said alogorith includes means for 
storing a multibit digital value within a register and 
means for generating said one of said key streams as 
a function of the value stored within said register; 
and 

each of said means for periodically transmitting syn- 
chronization information from one of said first and 
second base stations to said mobile station includes 
means for transmitting the value stored within the 
register of said one of said base stations to said 
mobile station for comparison with the value 
stored within the register of said mobile station to 
determine whether the key streams generated in 
said one of said base stations and said mobile station 
are in synchronism with one another. 

18. A duplex communication system employing cryp- 
tographically encoded data within a digital cellular 
telecommunications network, as set forth in claim 10 in 
which: 

the bits of said first, second and third pseudo-random 
key streams are combined with said streams of data 
bits carrying information to alter the order thereof 
and with said streams of cryptographically en- 
coded data to restore the original order thereof. 

19. A dulpex communication system employing cryp- 
tographically encoded data within a digital cellular 
telecommunications network, as set forth in claim 10 in 
which: 

the bits of said fu-st, second and third pseudo-random 
key streams are combined with said streams of data 
bits carrying information by modulo-2 addition and 
with said streams of cryptographically encoded 
data by modulo-2 subtraction. 

20. A method for rcsynchronizing the generation of 
key stream bits used to cryptographically encode and 
decode digital communications .data transmitted be- 
tween the base stations and the mobile stations of a 
digital cellular teleconmiunications system which com- 
prises: 

periodically transmitting synchronization informa- 
tion on a low bit rate channel from said base sta- 
tions to said mobile stations to maintain the key 
stream in each mobile station in exact synchroniza- 
tion with the key stream in the base sution with 
which it is in communication; 

responding to signals indicative of a handoff of a 
mobile station from a first base station to a second 
base station by interrupting the flow of crypto- 
graphically encoded data bits from the second base 
station to the mobile station and instead transmit- 
ting synchronization information on a high bit rate 
channel to the mobile station for a preselected 
period of time; 
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continuing to periodically transit synchronization 
information on a low bit rate channel froni the 
second base station to the mobile station; and 

responding to cither reception by the second base 
station of correctly decodable cryptographically 5 
encoded data bits from the mobile station, indicat- 
ing that resynchronization has taken place, or the 
expiration of the preselected period of time by 
discontinuing transmission by the second base sta- 
tion of synchronization information on the high bit 10 
rate channel and resuming transmission of crypto- 
graphically encoded data bits from the second base 
station to the mobile station. 

21. A method for resynchronizing the generation of 
key stream bits used to cryptographically encode and 15 
decode digital communications data transmitting be- 
tween the base stations and the mobile stations of a 
digital cellular telecommunications system as set forth 

in claim 20 wherein: 
said high bit rate channel upon which synchroniza- 20 
tion information is transmitted from the second 
base station to the mobile station after handoff is 
the fast associated control channel 

22. A method for resynchronizing the generation of 
key stream bits used to cryptographically encode and 25 
decode digital communications data transmitted be- 
tween the base stations and the mobile stations of a 
digital cellular telecommunications system as set forth 

in claim 20 wherein: 
said low bit rate channel upon which synchronization 30 
information is periodically transmitted from the 
base stations to the mobile stations is the slow asso- 
- ciated control channel. 

23. A method for resynchronizing the generation of 
key stream bits used to cryptographically encode and 35 
decode digital communications data transmitted be- 
tween the base stations and the mobile stations of a 
digital cellular telecommunications system as set forth 

in claim 20 wherein: 
said preselected period of time is defmed by a prese- 40 
lected number of transmissions of uncryptograph- 
ically encoded synchronization information on the 
high bit rate channel. 

24. A method for resynchronizing the generation of 
key stream bits used to cryptographically encode and 45 
decode digital communications data transmitted be- 
tween the base stations and the mobile stations of a 
digital cellular telecommunications system as set forth 

in claim 20 which also includes: 
maintaining a value in a handoff counter which is SO 
indicative of the number of times each mobile sta- 
tion has been handed off from one base station to 
another base station since call set up and using that 
value to modify the key stream bits used to encode 
and decode the data bits transmitted between the 55 
base stations and the mobile stations and to prevent 
the reuse of the same pseudo-random key stream 
bit pattern a second time during the same call. 

25. A system for resynchronizing the generation of 
key stream bits used to cryptographically encode and 60 
decode digital communications data transmitted be- 
tween the base stations and the mobile stations of a 
digital cellular telecommunications system which com- 
prises: 

means for periodically transmitting synchronization 65 
information on a low bit rate channel from said 
base stations to the mobile stations to maintain the 
key stream in each mobile station in exact synchro- 
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nization with the key stream in the base station 
with which it is in communication; 

means for responding to signals indicative of a hand- 
off of a mobile station from a first base station to a 
second base station by interrupting the flow of 
cryptographically encoded data bits from the sec- 
ond base station to the mobile station and instead 
transmitting synchronization information on a high 
bit rate channnet to the mobile station for a prese- 
nted period of time; 

means for countinuing to periodically transmit syn- 
chronization information on a low bit rate channel 
from the second base station to the mobile station; 
and 

means responsive to either reception by the second 
base station of correctly decodable cryptographi- 
cally encoded data bits from the mobile station, 
indicating that resynchronization has taken place, 
or the expiration of the preselected period of time 
for discontinuing transmission by the second base 
station of synchronization information on the high 
bit rate channel and resuming transmission of cryp- 
tographically encoded data bits from the second 
base station to the mobile station. 

26. A system for resynchronizing the generation of 
key stream bits used to cryptographically encode and 
decode digital communications data transmitted be- 
tween the base stations and the mobile stations of a 
digital cellular teleconununications system as set forth 
in claim 25 wherein: 

said high bit rate channel upon which synchroniza- 
tion information is transmitted from the second 
base station to the mobile sUtion after handoff is 
. the fast associated control channel. 

27. A system for resynchronizing the generation of 
key stream bits used to cryptographically encode and 
decode digital coummunications data transmitted be- 
tween the base stations and the mobile stations of a 
digital cellular telecommunications system as set forth 
in claim 25 wherein: 

said low bit rate channel upon which synchronization 
information is periodically transmitted from the 
base stations to the. mobile stations is the slow asso- 
ciated control channel. 

28. A system for resynchronizing the generation of 
key stream bits used to cryptographically encode and 
decode digital communications data transmitted be- 
tween the base stations and the mobile stations of a 
digital cellular telecommunications system as set forth 
in claim 25 wherein: 

said preselected period of time is defined by a prese- 
lected number of transmissions of uncryptograph- 
ically encoded information on the high bit rate 
channel. 

29. A system for resynchronizing the generation of 
key stream bits used to cryptographically encode and 
decode digital communications data transmitted be- 
tween the base stations and the mobile stations of a 
digital cellular telecommunications system as set forth 
in claim 25 which also includes: 

means for maintaining a value in a handoff counter 
which is indicative of the number of times each 
mobile station has handed off from one base station 
to another base station since call set up and means 
for using that value to modify the key stream bits 
used to encode and decode the data bits transmitted 
between the base stations and the mobile stations 
and to prevent the reuse of the same pseudo-ran- 
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dom key stream bit pattern a second time during 
the same call. 

30. A method for resynchroniring the generation of 
key stream bits used to cryptographically encode and 
decode digital communications data transmitted be- 5 
tween the base stations and the mobile stations of a 
digital cellular teleconmiunications system which com- 
prises: 

synchronizing the generation of key stream bits used 
to cryptographically encode and decode digital 10 
communications data between each of the base 
stations in the syystem; 

periodically transmitting synchronization informa- 
tion on a low bit rate channel from said base to said 
mobile sutions to synchronize the key stream in 15 
each mobile stations with the key stream in the base 
station with which it is in conununication; 

responding to signals indicative of a handoff of a 
mobile station from a first base station to a second 
base station by continuing the flow of cryptograph- 20 
ically encoded data bits from the second base sta- 
tion to the mobile station; and 

continuing to periodically transmit synchronization 
information on a low bit rate channel from the 
second base station to the mobile station. 25 

31. A system for rcsynchronizing the generation of 
key stream bits used to cryptographically encode and 
decode digiul communications data transmitted be- 
tween the base stations and the mobile stations of a 
digital cellular telecommunications system which com- 30 
prises: 

means for synchronizing the generation of key stream 
bits used to cryptographically encode and decode 
digital communications data between each of the 
base stations in the system; 35 

means for periodically transmitting synchronization 
information on a low bit rate channel from said 
base stations to said mobile stations to synchronize 
the key stream in each mobile station with the key 
stream in the base station with which it is in com- 40 
munication; 

means for responding to signals indicative of a hand- 
off of a mobile station from a first base station to a 
second base station by continuing the flow of cryp- 
tographically encoded data bits from the second 45 
base station to the mobile station; and 

means for continuing to periodically transmit syn- 
chronization information on a low bit rate channel 
from the second base station to the mobile station. 

32. In a radio communications system including a SO 
base station and a mobile station each having a keys- 
trcam generator which generates a keystream for en- 
crypting and decrypting communications between said 
base station and said mobile station, said keystream 
being generated as a function of a plurality of fixed bits 55 
and a plurality of variable bits, a method for the syn- 



chronization of the keystream in said base station with 
the keystream in said mobile station comprising the step 
of: 

detecting a handoff of said mobile station to said base 
station; 

transmitting in response to said handoff the current 

values of the variable bits in one of said base station 
- and said mobile station to the other of said base 

station and said mobile station; and 
using the transmitted value , of the variable bits to 

synchronize the keystream in said base station with 

the keystream in said mobile station. 

33. A method according to claim 32 wherein the fixed 
bits comprise the bits of a secret key and the variable 
bits comprise the bits of a block couiiter. 

34. A method according to claim 33 wherein the 
current bit values of the base station block counter are 
transmitted to the mobile station and used by the mobile 
station to update the mobile station block counter. 

35. A method according to claim 34 wherein the 
current bit values of the base station block counter are 
briefly transmitted over a high data rate control channel 
and periodically transmitted over a low data control 
channel to the mobile station following said handoff. 

36. In radio communications system including a base 
station and a mobile station each having a keystream 
generator which generates a keystream for encrypting 
and decrypting communciations between said base sta- 
tion and said mobile station , said keystream being gener- 
ated as a function of a plurality of fixed bits and a plural- 
ity of variable bits, a system for the synchronization of 
the keystream in said base station with the keystream in 
said mobile station comprising the steps of: 

means for detecting a handoff of said mobile station 
to said base station; 

means for transmitting in response to said handoff the 
current values of the variable bits in one of said 
base station and and said mobile station to the other 
of said base station and said mobile station; and 

means for using the transmitted values of the variable 
bits to synchronize the keystream in said base sta- 
tion with the keystream in said mobile station. 

37. A system according to claim 36 wherein the fixed 
bits comprise the bits of a secret key and the variable 
bits comprise the bits of a block counter. 

38. A system according to claim 37 wherein the cur- 
rent bit values of the base station block counter are 
transmitted to the mobile station and used by the mobile 
station to update the mobile station block counter. 

39. A system according to claim 38 wherein the cur- 
rent bit values of the base station block coimter are 
briefly transmitted over a high data rate control channel 
and periodically transmitted over a low data rate con- 
trol channel to the mobile station following said hand- 
off. 
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